Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D8F70ECF42F11EFBEF1C54F762E951A.roa
File: 0D8F70ECF42F11EFBEF1C54F762E951A.roa (raw, json)
Hash identifier: G7pfoRCo8bF6v/7gFQ96fe5aq3O/YIfMzUCbxTTRg/Q=
Subject key identifier: 0D:08:D9:F9:33:89:66:61:23:21:F9:1B:05:26:13:38:95:B9:D6:85
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 01624E
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D8F70ECF42F11EFBEF1C54F762E951A.roa
Signing time: Wed 26 Feb 2025 10:47:20 +0000
ROA not before: Wed 26 Feb 2025 10:47:16 +0000
ROA not after: Thu 19 Feb 2026 10:47:16 +0000
asID: 984
IP address blocks: 154.208.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 13 Apr 2025 00:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90702 (0x1624e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 26 10:47:16 2025 GMT
Not After : Feb 19 10:47:16 2026 GMT
Subject: CN=67bef138-2cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6b:3e:62:20:ab:11:08:7b:04:96:b7:88:35:
9d:90:63:7f:70:36:8f:7b:3d:e7:d2:c0:e9:4f:b2:
3b:0a:31:e8:74:03:14:d0:6c:4e:49:f3:12:df:65:
18:29:d3:b2:c7:b2:8b:6c:be:51:11:ee:22:38:7e:
20:8b:67:e7:28:75:f0:17:7e:81:65:14:fc:79:60:
ed:0c:13:1a:75:ab:4f:13:62:60:8a:b5:00:27:8c:
f7:06:21:08:ae:02:3c:5e:bc:5b:cf:8a:e1:eb:0a:
03:72:0a:8d:67:c2:7e:ac:07:de:39:b2:59:fa:e7:
6f:e4:59:a5:01:8f:a0:95:86:f4:b1:b0:d1:e2:ce:
30:25:28:41:2d:3a:8a:91:1f:4e:58:a3:c6:ee:5e:
a3:b6:1a:a5:26:8a:ae:61:0a:3e:92:90:ca:64:15:
48:ac:72:6e:78:6a:22:fe:69:47:5e:a0:9c:1b:cf:
1f:bf:3b:68:fb:29:c3:0d:bb:87:81:9a:81:de:88:
b8:10:1a:8c:63:13:5b:90:8f:14:da:24:e3:61:95:
aa:3a:aa:51:39:24:23:00:45:e5:2e:b4:64:26:0e:
b3:fc:43:64:56:93:6e:ce:39:ac:f2:b4:76:31:26:
f4:95:a2:9a:12:72:f2:60:a0:3e:a4:f0:43:87:01:
fe:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:08:D9:F9:33:89:66:61:23:21:F9:1B:05:26:13:38:95:B9:D6:85
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/0D8F70ECF42F11EFBEF1C54F762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.208.82.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:88:13:e9:30:10:27:fa:67:5e:9c:8b:49:0d:be:b4:c0:f2:
4b:67:d3:ea:de:6c:6d:73:34:10:00:65:a6:9b:71:2f:a9:98:
d5:7b:77:ae:8f:cb:82:4e:2b:b5:a0:52:cd:9d:16:10:84:a2:
05:91:9d:22:c9:bd:fe:10:05:bc:c2:44:92:40:6a:9c:47:e3:
a2:c3:4e:75:d5:0c:71:0a:91:22:0b:73:83:7d:fd:75:73:d7:
62:8a:75:35:0c:b1:18:83:92:aa:dd:ce:c3:88:84:3d:b8:ab:
ce:88:b5:5b:17:74:e6:a7:b0:cf:83:8c:e4:5b:00:6b:e5:91:
a4:c3:bb:c4:3b:45:f7:5f:97:2e:d8:f3:a3:99:43:29:6b:29:
64:a0:7a:89:fc:a4:cd:3f:74:4f:6c:dd:3b:4b:c1:0d:8c:0a:
ca:6c:1e:f8:46:b4:37:94:eb:0b:66:ab:ec:d1:97:43:4a:57:
f6:bb:ab:f4:e7:0a:d9:1d:b2:df:48:67:63:c1:8f:13:6e:5b:
a6:1f:e9:2f:a0:dd:66:d7:d8:ae:77:f3:64:52:3f:77:b8:75:
4d:d4:89:1b:0a:1a:e6:de:78:cc:09:ff:66:e2:80:42:6c:f3:
ae:22:b4:e9:3b:eb:3d:42:be:fd:5b:34:21:56:d4:12:b2:48:
e7:58:33:d4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAWJOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI2MTA0NzE2WhcNMjYwMjE5MTA0NzE2WjAYMRYw
FAYDVQQDEw02N2JlZjEzOC0yY2QwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwms+YiCrEQh7BJa3iDWdkGN/cDaPez3n0sDpT7I7CjHodAMU0GxOSfMS
32UYKdOyx7KLbL5REe4iOH4gi2fnKHXwF36BZRT8eWDtDBMadatPE2JgirUAJ4z3
BiEIrgI8Xrxbz4rh6woDcgqNZ8J+rAfeObJZ+udv5FmlAY+glYb0sbDR4s4wJShB
LTqKkR9OWKPG7l6jthqlJoquYQo+kpDKZBVIrHJueGoi/mlHXqCcG88fvzto+ynD
DbuHgZqB3oi4EBqMYxNbkI8U2iTjYZWqOqpROSQjAEXlLrRkJg6z/ENkVpNuzjms
8rR2MSb0laKaEnLyYKA+pPBDhwH+VQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFA0I
2fkziWZhIyH5GwUmEziVudaFMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8wRDhGNzBFQ0Y0MkYxMUVGQkVGMUM1NEY3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtBSMA0GCSqGSIb3DQEB
CwUAA4IBAQDJiBPpMBAn+mdenItJDb60wPJLZ9Pq3mxtczQQAGWmm3EvqZjVe3eu
j8uCTiu1oFLNnRYQhKIFkZ0iyb3+EAW8wkSSQGqcR+Oiw0511QxxCpEiC3ODff11
c9diinU1DLEYg5Kq3c7DiIQ9uKvOiLVbF3Tmp7DPg4zkWwBr5ZGkw7vEO0X3X5cu
2POjmUMpaylkoHqJ/KTNP3RPbN07S8ENjArKbB74RrQ3lOsLZqvs0ZdDSlf2u6v0
5wrZHbLfSGdjwY8TblumH+kvoN1m19iud/NkUj93uHVN1IkbChrm3njMCf9m4oBC
bPOuIrTpO+s9Qr79WzQhVtQSskjnWDPU
-----END CERTIFICATE-----
Generated at Fri Apr 11 03:10:52 2025 by rpki-client